package com.finance.system.configure.websecurity;


import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Lazy;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.config.annotation.web.HttpSecurityBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;

import javax.annotation.PostConstruct;
import java.util.Arrays;
import java.util.PrimitiveIterator;

@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {





    @Autowired
    private AuthenticationEntryPoint financeAuthenticationEntryPoint;

    @Autowired
    private AccessDeniedHandler financeAccessDeniedHandler;

    @Autowired
    private AuthenticationSuccessHandler financeAuthenticationSuccessHandler;

    @Autowired
    private AuthenticationFailureHandler financeAuthenticationFailureHandler;
    @Autowired
    private UserDetailsService financeUserDetailServiceManager;






    @Bean
    public AttemptAuthenticationFilter authenticationFilter() throws Exception {
        AttemptAuthenticationFilter attemptAuthenticationFilter = new AttemptAuthenticationFilter();
        attemptAuthenticationFilter.setAuthenticationManager(super.authenticationManager());
        attemptAuthenticationFilter.setAuthenticationSuccessHandler(financeAuthenticationSuccessHandler);
        attemptAuthenticationFilter.setAuthenticationFailureHandler(financeAuthenticationFailureHandler);
        return attemptAuthenticationFilter;
    }

    @Bean
    public PasswordEncoder passwordEncoder(){
        PasswordEncoder encoder = new BCryptPasswordEncoder();
        return encoder;
    }

    @Bean
    public AuthenticationProvider authenticationProvider(){
        DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
        provider.setUserDetailsService(financeUserDetailServiceManager);
        provider.setPasswordEncoder(passwordEncoder());
        return provider;
    }



    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .csrf().disable()
                .authenticationProvider(authenticationProvider())
                .exceptionHandling()
                    .authenticationEntryPoint(financeAuthenticationEntryPoint)
                    .accessDeniedHandler(financeAccessDeniedHandler)
                .and()
                .authorizeRequests()
                    .antMatchers("/swagger-ui.html").permitAll()
                    .antMatchers("/greeting").hasRole("USER");

    }

}